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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)13 Responsive to communication(s) filed on 12 January 2004 . 
2a)M This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayie, 1935 CD. 11, 453 O.G. 213. 
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4) M Claim(s) 1-36 is/are pending in the application. 

4a) Of the above ciaim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) |3 Claim(s) 1-36 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . Claims 1 - 36 are pending in the application. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-36 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent No. 6,223,212 to Batty in view of "Access Control for 
Collaborative Environments" (hereinafter Shen). 

4. The reference to Batty was cited in previous office actions. 

5. As to claim 25, Batty [column 3, line 50 - column 4, line 10; column 4, lines 30 - 
67; column 18, line 56 - column 19, line 25; column 25, line 59 -column 26, line 13; 
column 26, lines 13-46] teaches the invention substantially as claimed including a 
shared window [application sharing, AS, window] for entering commands into a local 
computer system [computer hosting a shared application, for example computer 1 10 for 
hosted application A, Fig. 1], wherein the shared window can be shared with a remote 
user who can input data [multipoint application sharing, MAS, system that resides at 
each computer system enables a user at each computer system to share one or more 
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application programs with each user at each other computer system] into the shared 
window from a remote computer system [computer sharing the window of a hosted 
application, for example computer 120 for hosted application A, Fig. 1] subject to access 
control [AS protocol provides a set of core control mechanisms whereby ASCEs can 
implement a range of policies], the apparatus comprising: 

a receiving mechanism [an intercept DD layer 638, Fig. 6] that is configured to 
receive a command [input data] from the remote user [user of the shadow computer] on 
the remote computer system [an intercept DD layer 638 to intercept calls from the 
standard DD layer 640 to the operating system.. .when a user of the shadow computer 
system inputs data for the shared application program, the standard device driver for 
the input device is executed and calls the intercept DD layer]; 

wherein the command is directed toward the local computer system [host 
computer system] in order to operate the local computer system [a user of the shadow 
computer system inputs data for the shared application program... forwards those 
packeted input data to the controlling task 612 of the host computer system, Fig. 6]; 

a filtering mechanism [AS protocol also defines an additional mediated set of 
control mechanisms] that is configured to pass the command through a filtering process 
[managing the right to provide input to hosted and/or shadow windows], and to execute 
the command on the local computer system if the command passes the filtering process 
[AS protocol provides a set of core control mechanisms whereby ASCEs can implement 
a range of policies... AS protocol also defines an additional mediated set of control 
mechanisms, which build upon the core control mechanisms... the core AS control 
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protocol is based on managing the right to provide input to hosted and/or shadow 
windows]; and 

a display mechanism that is configured to display the command on the shared 
window on the local computer system [transmits the messages to the host window] so 
that a local user can view the command [controlling task 612 retrieves the input data 
from the shadow queue 622 forwards the input data to the operating system... then 
generates messages corresponding to the input data and transmits the messages to the 
host window... shared application program treats input data entered on the shadow 
computer system as if it were generated locally at the host computer system, Fig. 6]; 

wherein the display mechanism is configured to allow the command to be 
displayed on a remote copy of the shared window [shadow window] on the remote 
computer system, so that the remote user can view the command [for each hosted 
window, there is a corresponding shadow window that is displayed by each ASCE that 
is viewing... shadow windows are displayed by the ASCE and correspond to a hosted 
window on the host ASCE... all updates to the host windows are reflected in both the 
shadow bitmap and the shadow window], 

6. Although Batty teaches granting permission to execute commands on the local 
computer system [allow requesting ASCE to take control] based on an approval 
received from a user [such as interacting with the local end-user] of the local computer 
system [When the local value is Confirm, the ASCE utilizes a purely local mechanism 
(such as interacting with the local end-user) to determine whether to allow the 
requesting ASCE to take control and then responds with either a Confirm Take 
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Response or Deny Take Response., .to the requesting ASCE; col. 22, line 63 - col. 23, 
line 25], Batty does not teach granting permission to execute command on a per- 
command basis. 

However, Shen teaches a collaborative environment [see abstract, p. 51], 
granting permission to execute the command on the local computer system [Suite 
supports positive rights, that is, allows explicit granting of a right; Section 5.1, p. 53] on 
a per-command basis [suite supports protection of fine-grained active variables; Section 
5.3, p. 53] by a user [user hss] of the local computer system [user hss (right windows) 
denies rxc the elide right to the function getvalue, Fig. 2; Section 5.3, p. 53 - 54] and 
allowing user rights to change dynamically [users may take and relinquish the suite role 
dynamically; Section 5.1 , p. 53]. 

7. It would have been obvious to a person of ordinary skill in the art at the time of 
the invention to apply the teaching of granting permission to execute a command on a 
per-command basis by a user of the local computer system as taught by Shen to the 
invention of Batty because this allows the system of Batty to support fine-grained 
access rights and independent specification of each access right of each user on each 
command [Section 2, Flexibility; p. 52 of Shen]. 

8. As to claim 26, Batty teaches [column 23, lines 1 - 20] if the shared window is in 
an approval mode [value is Confirm], the filtering mechanism is configured to allow the 
local user of the local computer system to approve the command [interacting with the 
local end-user to determine whether to allow the requesting ASCE to take control], and 
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to allow the command to pass the filtering process if the local user approves the 
command [when the negotiated value is Confirm, one or more peer ASCEs require that 
the taking of control requires confirmation by those peer ASCEs and the ASCE sends a 
Take Control Request MediatedControlPDU to all ASCEs.. .when the local value is 
Confirm, the ASCE utilizes a purely local mechanism, such as interacting with the local 
end-user, to determine whether to allow the requesting ASCE to take control]. 

9. As to claim 27, Batty teaches [column 23, lines 1 - 20] if the shared window is in 
a view-only mode [value is Never], no commands received from the remote user are 
allowed to pass the filtering process [negotiated value is Never, one or more peer 
ASCEs will not permit the taking of control and the ASCE cannot do so]. 

1 0. As to claim 28, Batty teaches [column 23, lines 1 - 20] if the shared window is in 
an execute mode [value is Always], all commands received from the remote user are 
allowed to pass the filtering process [negotiated value is Always, the taking of control is 
unmediated and the ASCE initiates the Core, Request Control, action to take control]. 

11. As to claim 29, Batty as modified [Section 5.6, p. 57 of Shen] teaches a pre- 
specified list of safe commands [extended form of access list] that are allowed to pass 
the filtering [when a subject s is checked against the access rights r on object o, we first 
search the access list associated with o... If no definite right can be calculated from the 
subject space, inheritance in the rights dimension is used. If no definite right can be 
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inferred based on the access list associated with the object, we use inheritance in the 
object dimension to infer the right. Finally, if we still do not find a definition for the right, 
we infer a negative right]. 

12. As to claim 30, Batty teaches [column 23, lines 1 - 20] the filtering mechanism is 
configured to allow the local user of the local computer system to approve the command 
[interacting with the local end-user to determine whether to allow the requesting ASCE 
to take control], and allow the command to pass the filtering process if the local user 
approves the command [when the negotiated value is Confirm, one or more peer 
ASCEs require that the taking of control requires confirmation by those peer ASCEs and 
the ASCE sends a Take Control Request MediatedControlPDU to all ASCEs. ..when the 
local value is Confirm, the ASCE utilizes a purely local mechanism, such as interacting 
with the local end-user, to determine whether to allow the requesting ASCE to take 
control]. As to a pre-specified list of safe commands, see claim 29 above. 

1 3. As to claim 31 , Batty teaches [column 34, lines 42 - 60] the display mechanism 
is configured to display commands from different users in different colors on the shared 
window [ColorTable Cache capability set provides capabilities for the colortable cache 
characteristics of the issuing ASCE... these capabilities are used to negotiate values 
used to construct Cache ColorTable orders in UpdatePDUs]. 
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14. As to claim 32, Batty teaches [column 25, line 59 - column 26, line 13] the 
display mechanism is configured to send an update for the shared window from the 
local computer system [host window] to the remote computer system [shadow window], 
wherein the update includes the command [all updates to the host windows are 
reflected in both the shadow bitmap and the shadow window]. 

15. As to claim 33, Batty teaches [column 19, lines 1 - 25] the receiving mechanism 
is configured to receive a second command from a second remote user on a second 
remote computer system [in cooperating mode, cooperating ASCEs within the 
conference serially acquire the right to provide input to hosted and shadow windows]. 

16. As to claim 34, Batty teaches [column 18, line 56 - column 19, line 25] the 
filtering mechanism is located on at least one of: the remote computer system [ASCE 
that has a shadow window], the local computer system [ASCE that is hosting 
application], and a shared server that is separate from the remote computer system and 
the local computer system [AS protocol provides a set of core control mechanisms 
whereby ASCEs can implement a range of policies... AS protocol also defines an 
additional mediated set of control mechanisms, which build upon the core control 
mechanisms. ..the core AS control protocol is based on managing the right to provide 
input to hosted and/or shadow windows]. 
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17. As to claim 35, Batty teaches the command is in the form of character input [AS, 
application sharing, output stream consists keyboard events; column 6, lines 30 - 45]. 

1 8. As to claim 36, Batty teaches the command is in the form of an action applied to 
a graphical user interface [AS, application sharing, output stream consists of interleaved 
keyboard and pointing device events; column 6, lines 30-45]. 

19. As to claims 1-12, these are method claims that correspond to apparatus 
claims 25 - 36; note the rejections to apparatus claims 25 - 36 above, which also meet 
these method claims. 

20. As to claims 13-24, these are product claims that correspond to apparatus 
claims 25 - 36; note the rejections to apparatus claims 25 - 36 above, which also meet 
these product claims. 

Response to Arguments 

21. Applicant's arguments filed January 12, 2004 have been fully considered but they 
are not persuasive. 

22. In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., "grants permission to execute a command at run-time on a per-command basis 
based on an approval received from a user of the local computer system," emphasis 
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added; p. 10, lines 9 - 1 1 ) are not recited in the rejected claim(s). Although the claims 
are interpreted in light of the specification, limitations from the specification are not read 
into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 
1993). 

23. Examiner notes that the claims do not clearly recite the features of the 
application as disclosed in the specification. The specification discloses allowing a local 
user to approve a command at run-time, which allows the command to pass the filtering 
process [p. 10, lines 22 - 23 of specification]. Therefore, permission to execute the 
command on the local computer system is granted on a per-command basis based on 
an approval inputted by a user of the local computer system at run-time. However, the 
claims do not clearly recite these features. For example, claim 25 [lines 18-20] recites 
"wherein permission to execute the command on the local computer system is granted 
on a per-command basis based on an approval received from a user of the local 
computer system." The limitation does not specify when the approval was received, i.e. 
prior to or during execution of the program. A reasonable interpretation of the limitation 
is that permission to execute the command was received from the user prior to 
execution of the program and stored in memory. The process then accesses the 
memory to decide whether to grant permission or not. The limitation recited above does 
not require the local user to input approval of a command at run-time. 

Conclusion 

24. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
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§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

25. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Li B. Zhen whose telephone number is (703) 305-3406. 
The examiner can normally be reached on Mon - Fri, 8:30am - 5pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai An can be reached on (703) 305-9678. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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